CERT/CC

CERT/CC is a Federally Funded Research and Development Center (FFRDC) for internet security problems. It is a component of CERT Program under the Software Engineering Institute (SEI) operated by the Carnegie Mellon University.[1] The CERT Program ensures that the internet community is using proper technology and systems management practices to combat attacks on networked systems and limit the damages. It also ensures the continuity of critical services in case a successful attack or failure occurs.[2]

Background

CERT/CC is the first major security response team in the United States which was created in November 1998. The establishment of the center was prompted when an internet attack called Morris Worm happened. The Defense Advance Research Project Agency (DARPA) commissioned SEI right after the Morris Worm incident which crippled 10 percent of the internet and demonstrated the growing networks vulnerability to attack. [3]

DARPA instructed SEI to build the center with a fast and efficient capability to coordinate communications among experts during emergency to prevent future incidents and to create awareness about the security issues within the internet community.

Areas of Work

The CERT Coorination Center conducts work or research on the following areas:[4]

Software Assurance- The center’s main objective is to analyze the state of internet security, monitors public sources and receive reports of vulnerabilities and share the information to technology producers and collaborate with them to find solutions to the problem.

Secure Systems- CERT conducts research on survival systems engineering and finds ways to improve the design of systems, develop strategies to be able to assess and predict current, potential, and sophisticated threats to the internet.

Organizational Security- the center developed OCTAVE, a risk assessment that helps businesses to identify and characterize critical information assets and identify risks to those assets. Businesses may utilize the result of the assessment to improve their strategy, maintain and increase the level of security to their networked systems.

Coordinated Response- CERT coordinates regularly with websites worldwide to gain support in solving computer security problems and help them form computer security incident response teams (CSIRTs), provide guidance and training. It is also developing tools and training in the area of forensics to supply system administrators with the necessary skills and resources to become efficient and primary responders to security threats.CERT is active in creation and continued development of US-CERT, the national CSIRT for the United States and Q-CERT, the national CSIRT of Qatar.

Education and Training- CERT offers training courses to further educate the technical staff and managers of CSIRTs as well as system administrators and other technical personnel interested to learn more about network security. Some of the courses are part of the incident handling certification program. The Center also teaches survivability and information assurance as well as Information Security Management specialization of the Master of Information Systems Management program at Carnegie Mellon University.